Mebroot Fixtool – Fix and Remove Mebroot
The Mebroot Fixtool is designed to detect and remove a devastating type of malware that attacks the Master Boot Record (MBR)—a section of a computer’s hard disk that is pivotal in loading the operating system and booting a computer. This harmful piece of malware is known as Trojan.Mebroot, and it infects the Master Boot Record, stores a rootkit driver in the physical drive sectors, and hides the true contents of all sectors. The Mebroot Fixtool, as its name suggests, effectively fixes and removes Mebroot.
WHAT MAKES MEBROOT SO HARMFUL?
The Mebroot Trojan has two main components that make it especially destructive:
- As a Trojan horse, it modifies a computer’s Master Boot Record and seriously impairs the computer’s performance. It is also capable of stealing valuable personal information from the computer and performing other invasive exploits.
- Secondly, the Mebroot Trojan employs advanced rootkit techniques that enable it to inconspicuously carry out actions that are malicious and detrimental to your PC.
WHAT EXACTLY IS A ROOTKIT?
Imagine that spies had personal costume designers that assembled their disguises, thereby allowing them to lurk about, undetected. That’s essentially what rootkits do for malware. A rootkit is a type of software designed to hide the fact that an operating system has been compromised, sometimes by replacing vital executables. Rootkits allow viruses and malware to "hide in plain sight," disguised as necessary files that your antivirus software will overlook.
This latest sample of Mebroot uses powerful rootkit techniques designed to render most anti-rootkits useless in their battle against Mebroot. Fortunately, the Mebroot Fixtool is able to combat Mebroot’s rootkit techniques and successfully fix and remove it.
HOW CAN I USE MEBROOT FIXTOOL TO FIX AND REMOVE MEBROOT?
To disinfect a PC infected with the latest version of Mebroot (first reported July 10th, 2008) please follow these steps:
- Install Spyware Doctor and run Smart Update to ensure you have database version 1025 or later
- Download and run the Mebroot Fixtool to remove the rootkit and repair the MBR
- Reboot the PC
- Then run a scan using Spyware Doctor to detect and remove the files related to the threat.
Note: Currently this program only runs under Windows XP.